Method And System For Abstracting Virtual Machines In A Network

ABSTRACT

One or more processors and/or one or more circuits may be operable to configure one or more virtual machines and a hypervisor for controlling the one or more virtual machines. The virtual machines and the hypervisor may be distributed across a plurality of network devices. A sub-hypervisor may be configured within each of the virtual machines utilizing the hypervisor. Load information of the network devices may be communicated to the hypervisor utilizing the sub-hypervisors. The virtual machines may include threads, may be load balanced utilizing the hypervisor, dynamically configured utilizing the hypervisor based on changes in the network devices, and scaled by the distribution of the virtual machines across the network devices. Information from the processing of data may be received in the virtual machines. The network devices may include a plurality of: servers, switches, routers, racks, blades, mainframes, personal data assistants, smart phones, desktop computers, and/or laptop devices.

CROSS REFERENCE TO RELATED APPLICATIONS

This application is a continuation of U.S. patent application Ser. No.12/571,296, filed Sep. 30, 2009, pending, which claims priority toprovisional application Ser. No. 61/227,665, filed Jul. 22, 2009, whichapplications are incorporated by reference in their entirety.

TECHNICAL FIELD

Certain embodiments of the invention relate to wireless communication.More specifically, certain embodiments of the invention relate to amethod and system for abstracting virtual machines in a network.

BACKGROUND

In networking systems, a single machine, for example, a server or aclient, may be utilized to concurrently support multiple serveroperations or services. For example, a single server may be utilized forproviding access to business applications while also operating as anemail server, a database server, and/or an exchange server. The servermay generally support the various server operations by utilizing asingle operating system (OS). The server operations, via the single OS,make use of server processing resources such as the central processingunit (CPU), memory, network interface card (NIC), peripheral sound card,and/or graphics card, for example. In many instances, the serverresources may not be efficiently utilized because the demand for serveroperations generally vary based on the type of service provided and/oruser needs. Consolidating server services into a single physical machinemay result in an improvement in server efficiency. However,consolidation also removes the level of protection that is provided whenthe operations are maintained separately. For example, when theoperations are consolidated, a crash or failure in a database server mayalso result in the loss of email services, exchange services, and/orapplication services.

Another approach for improving server efficiency may be to utilizemultiple operating systems running concurrently so that each operatingsystem supports a different server operation or application or service,for example. The multiple operating systems may be referred to as guestoperating systems (GOSs) or child partitions. This approach maintainsthe level of protection provided when server operations are notconsolidated under a single operating system while also enabling theoptimization of the usage of the processing resources available to theserver. The use of multiple guest operating systems may be referred toas OS virtualization because each GOS perceives to have full access tothe server's hardware resources. In this regard, a GOS is unaware of thepresence of any other GOS running on the server. In order to implementOS virtualization, a software layer may be utilized to arbitrate accessto the server's hardware resources. This software layer may be referredto as a hypervisor or virtual machine (VM) monitor, for example. Thehypervisor may enable the multiple GOSs to access the hardware resourcesin a time-sharing manner. This software layer may be assisted by atrusted GOS (TGOS), which may also be referred to as a parent partition,or Virtual Machine Kernel (VMK) for instance.

The NIC may be a hardware resource that is frequently utilized by atleast one of the server operations or services. In this regard, ahypervisor or VM monitor may enable creation of a softwarerepresentation of the NIC that may be utilized by a GOS. This softwarerepresentation of the NIC may be referred to as a “virtual NIC.”However, a virtual NIC may not be able to offer a full set of featuresor functionalities of the hardware NIC to a GOS. For example, a virtualNIC may only be able to provide basic layer 2 (L2) networkingfunctionality to a GOS. The virtual NIC may be limited to providing datacommunication between a GOS and the network through another SW entity,such as a TGOS or VMK. In this regard, the virtual NIC may not be ableto support other advanced features such as remote direct memory access(RDMA) and/or Internet small computers system interface (iSCSI),directly to the GOS for example. Additionally, data may be copied amonga plurality of buffers prior to transmission to a network by the NIC orafter reception from a network by the NIC. The copying of data may be anoverhead to, for example, a host processor.

Further limitations and disadvantages of conventional and traditionalapproaches will become apparent to one of skill in the art, throughcomparison of such systems with the present invention as set forth inthe remainder of the present application with reference to the drawings.

BRIEF SUMMARY

A system and/or method for abstracting virtual machines in a network,substantially as shown in and/or described in connection with at leastone of the figures, as set forth more completely in the claims.

Various advantages, aspects and novel features of the present invention,as well as details of an illustrated embodiment thereof, will be morefully understood from the following description and drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram of a single host system virtual machineimplementation, which may be utilized in connection with an embodimentof the invention.

FIG. 2 is a diagram showing exemplary virtual machines abstracted over anetwork, in accordance with an embodiment of the invention.

FIG. 3 is a diagram illustrating exemplary threads in abstracted virtualmachines, in accordance with an embodiment of the invention.

FIG. 4 is a block diagram illustrating exemplary steps for abstractedvirtual machines, in accordance with an embodiment of the invention.

DETAILED DESCRIPTION

Certain aspects of the invention may be found in a method and system forabstracting virtual machines in a network. In various exemplary aspectsof the invention, one or more processors and/or one or more circuits maybe operable to configure one or more virtual machines and a hypervisorfor controlling the one or more virtual machines. The one or morevirtual machines and the hypervisor may be distributed across theplurality of network devices. A sub-hypervisor may be configured withineach of the one or more virtual machines utilizing the hypervisor. Loadinformation for the networked devices may be communicated to thehypervisor utilizing the sub-hypervisors. The one or more virtualmachines may comprise one or more threads. The one or more virtualmachines may be load balanced utilizing the hypervisor. The one or morevirtual machines may be dynamically configured utilizing the hypervisorbased on changes in the network devices and may be scaled by thedistribution of the one or more virtual machines across the plurality ofnetwork devices. The one or more virtual machines may comprise anoperating system. The network devices may comprise a plurality of:servers, switches, routers, racks, blades, mainframes, personal dataassistants, smart phones, desktop computers, and/or laptop devices.

FIG. 1 is a block diagram of a single host system virtual machineimplementation, which may be utilized in connection with an embodimentof the invention. Referring to FIG. 1, there is shown an exemplarynetwork interface card (NIC) 110 that supports level 2 (L2) switchingand/or higher layer of switching for communication between virtualmachines (VMs) in a host system. The switching supported by the NIC 110need not be limited to L2 only, and may be any combination of L2, VLAN,L3, L4, higher protocol layer and/or additional information includingfrom the administrator as to how to perform the switching. There is alsoshown virtual machines (VMs) 102 a, 102 b, and 102 c, a transfer virtualmachine (TVM) 102 d, a hypervisor 104, a host system 106, and a NIC 110.The TVM 102 d may comprise a main driver 124. The host system 106 maycomprise a host processor 122 and a host memory 120. The NIC 110 maycomprise a NIC processor 118, a NIC memory 116, a L2 switch 130, and aphysical address validator 132.

The host system 106 may comprise suitable logic, circuitry, interfaces,and/or code that may enable data processing and/or networkingoperations, for example. In some instances, the host system 106 may alsocomprise other hardware resources such as a graphics card and/or aperipheral sound card, for example. The host system 106 may support theoperation of the VMs 102 a, 102 b, and 102 c via the hypervisor 104. TheVMs 102 a, 102 b, and 102 c may each correspond to an operating system,for example, that may enable the running or execution of operations orservices such as applications, email server operations, database serveroperations, and/or exchange server operations, for example. The numberof VMs that may be supported by the host system 106 by utilizing thehypervisor 104 need not be limited to any specific number. For example,one or more VMs may be supported by the host system 106. Internalswitching may occur between VMs or between a VM and the TVM 102 d.

The hypervisor 104 and/or the TVM 102 d may operate as a software layerthat may enable virtualization of hardware resources in the host system106 and/or virtualization of hardware resources communicativelyconnected to the host system 106, such as the NIC 110, for example. Thehypervisor 104 and/or the TVM 102 d may allocate hardware resources andalso may enable data communication between the VMs and hardwareresources in the host system 106 and/or hardware resourcescommunicatively connected to the host system 106. For example, thehypervisor 104 may enable communication between the VMs supported by thehost system 106 and the NIC 110. In instances where a relevant VM isengaged in network transmission or reception, data may travel directlyto/from the NIC after the TVM 102 d has allocated queues, internalresources required on the NIC, consulted with the configuration andadministrative information.

The TVM 102 d may comprise a main driver 124 that may coordinate thetransfer of data between the VMs. The main driver 124 may communicatewith the virtual NIC driver 126 a in the VM 102 a, the virtual NICdriver 126 b in the VM 102 b, and/or the virtual NIC driver 126 c in theVM 102 c. Each virtual NIC driver may correspond to a portion of a VMthat may enable transfer of data between the operations or servicesperformed by the VMs and the appropriate queues via the main driver 124.

The host processor 122 may comprise suitable logic, circuitry,interfaces, and/or code that may be operable for control and/ormanagement of the data processing and/or networking operationsassociated with the host system 106. The host memory 120 may comprisesuitable logic, circuitry, and/or code that may enable storage of datautilized by the host system 106. The host memory 120 may be partitionedinto a plurality of memory portions. For example, each VM supported bythe host system 106 may have a corresponding memory portion in the hostmemory 120. Moreover, the hypervisor 104 may have a corresponding memoryportion in the host memory 120. In this regard, the hypervisor 104and/or the TVM 102 d may enable data communication between VMs bycontrolling the transfer of data from a portion of the memory 120 thatcorresponds to one VM to another portion of the memory 120 thatcorresponds to another VM.

The NIC 110 may comprise suitable logic, circuitry, interfaces, and/orcode that may enable communication of data with a network. The NIC 110may enable basic L2 switching, VLAN based switching, TCP offload, iSCSI,and/or RDMA operations, for example. The NIC 110 may be referred to avirtualization-aware NIC because communication with each VM may occur byan independent set of queues. The NIC 110 may determine the rightaddress or combination of address information, such as, for example,VLAN address, L2 MAC address, L3 IP address, L4 address, L4 port, amongothers, to be used in order to select the right target VM. For instance,the NIC 110 may determine the MAC address of received packets and maytransfer the received packets to an RX queue that corresponds to the VMwith the appropriate MAC address. Similarly, the NIC 110 may enabletransfer of packets from the VMs to the network by coordinating and/orarbitrating the order in which packets posted for transmission in TXqueues may be transmitted. In this regard, the NIC 110 is said to enabledirect input/output (I/O) or hypervisor bypass operations.

Some embodiments of the invention may comprise the NIC 110 that mayallow validation, correction, and/or generation of, for example, MACaddresses or VLAN tags or IP addresses or attributes like TOS bits in anIP header. For example, the NIC 110 may detect that a VM may request apacket to be sent with a wrong source MAC address. The NIC 110 mayvalidate a source MAC address by, for example, comparing the source MACaddress for a packet with MAC addresses that may be associated withspecific VM or buffers, and/or packet types.

The NIC 110 may flag the wrong source MAC address as an error to the TVMand/or to the VM, and may discard the packet. Another embodiment of theinvention may enable the NIC 110 to overwrite the incorrect parameter orattribute, for example, the source MAC address for the packet from a VMwith a correct source MAC address, and proceed with transmitting thepacket. Similarly, an appropriate source MAC address may be generatedfor each packet from the VMs without validating the source MAC address.Accordingly, an application program running on a VM may not need togenerate a source MAC address as the NIC 110 may write the source MACaddress. The NIC 110 may also monitor use of bandwidth and/or priorityper VM. The NIC 110 may, for example, allocate bandwidth limits orframes per VM, and/or ensure that VM or applications or flows associatedwith a VM do not claim priority different than that assigned by theadministrator and/or TVM.

The NIC processor 118 may comprise suitable logic, circuitry,interfaces, and/or code that may enable control and/or management of thedata processing and/or networking operations in the NIC 110. The NICmemory 116 may comprise suitable logic, circuitry, and/or code that mayenable storage of data utilized by the NIC 110. The NIC 110 may beshared by a plurality of VMs 102 a, 102 b, and 102 c. In someembodiments of the invention, network protocol operations may beoffloaded to the NIC 110 and handled by the NIC 110. The offloadednetwork protocol operations may comprise OSI layer 3, 4, and/or 5protocol operations, such as, for example, TCP and/or IP operations. TheNIC may also execute link layer network protocol operations, which maybe, for example, OSI layer 2 protocol operations, for example, a VLAN.

Accordingly, the NIC 110 may be a shared resource for the plurality ofVMs. The operations of the VMs and the NIC may be coordinated by the TVM102 d and the hypervisor 104. Operation of a VM and a NIC may comprisecopying data between a VM and the NIC. This may be accomplished by theNIC when the VM communicates to the NIC an address of a buffer or areference to an address of a buffer to be accessed in that VM. Theaddress may be a physical address or a virtual address. A virtualaddress may be translated to a physical address via, for example, anaddress translation table or a memory management unit. The means ofaddress translation may be design and/or implementation dependent.

The L2 switch 130 may comprise suitable logic, circuitry, and/or codethat may enable the NIC 110 to support packet communication between a VMand the network and/or between VMs, for example. Placing switchingfunctionality in the NIC 110 may, for example, reduce end-to-end latencywhen transmitting or receiving packets. The L2 switch 130 may supportunicast, broadcast, and/or multicast operations. Unicast operations mayrefer to packet transmissions to a single MAC address. Broadcastoperations may refer to packet transmissions to all MAC addresses.Multicast operations may refer to packet transmission to a particulargroup of MAC addresses.

For example, the VM 102 a may send a packet to at least one devicecommunicatively coupled to the network. In this instance, the virtualNIC driver 126 a may transfer the packet to a TX queue corresponding tothe VM 102 a. The L2 switch 130 may receive the packet from theappropriate TX queue and may determine that the destination MAC addressor addresses correspond to a device or devices on the network. The NIC110 may then communicate the packet to the network.

In another example, the VM 102 a may have a data packet to transmit tothe VM 102 b and/or the VM 102 c. In this instance, the virtual NICdriver 126 a may place the data packet on a transmit queue correspondingto the VM 102 a. The L2 switch 130 may receive the data packet from thequeue and may determine that the destination MAC address may correspondto the VM 102 b. The NIC 110 may place, for example, the data packet into a receiver queue corresponding to the VM 102 b. The virtual NICdriver 126 b may be notified of the data packet in the queue via anevent queue and the virtual NIC driver 126 b may copy the data packetfor use by an application program on the VM 102 b.

The NIC 110 may also comprise the physical address validator 132. Thephysical address validator 132 may comprise suitable logic, circuitry,and/or code that may enable the validation of the address of a bufferposted by a virtual NIC driver to store a received packet. For example,before a packet in a receiver queue is transferred to a posted buffer,the physical address validator 132 may validate that the posted bufferis in an address or memory location that corresponds to the VMassociated with the received packet. When the address is validated, thereceived packet may be transferred from the receiver queue to the postedbuffer. If the physical address cannot be validated, the NIC 110 maynotify, for example, the TVM and/or the hypervisor and/or the maindriver 124 and/or virtual NIC driver 126 a. Accordingly, the virtual NICdriver 126 a may post a new buffer to receive the packet from thereceiver queue or another action such as bringing down the virtual drivemay be taken by the TVM and/ or hypervisor. Similar validation fortransmit buffer addresses can be performed by the NIC.

FIG. 2 is a diagram showing exemplary virtual machines abstracted over anetwork, in accordance with an embodiment of the invention. Referring toFIG. 2, there is shown devices 201A-201F, virtual machines (VMs) 203Aand 203B, a network 205, a hypervisor 207, and sub-hypervisors 209A and209B.

The devices 201A-201F may comprise suitable circuitry, logic,interfaces, and/or code that may be operable to support theimplementation of multiple virtual machines, such as the VMs 203A and203B, and may comprise desktop computers, servers, switches, personaldata assistants, smart phones, routers, racks, blades, mainframes,laptop devices and/or or any hardware that may support VM functionality.Various portions of the hardware requirements of the VMs 203A and 203Bmay be supported on a particular device based on the suitability of thedevice for that purpose, including metrics such as processor speed,storage space, current usage, network connectivity type, networkbandwidth, and load balancing, for example.

The VMs 203A and 203B may comprise suitable circuitry, logic,interfaces, and/or code that may be operable to perform functions of amachine utilizing software. For example, a VM may comprise an operatingsystem (OS), such as Windows XP, Linux, or the Mac OS, distributedacross the network 205. The VMs 203A and 203B may be distributed over aplurality of devices in the network 205 and may be configured foroptimum performance utilizing information regarding capabilities of thevarious devices used to support a particular VM. For example, a VM thatmay be utilized to perform intensive calculations may be partiallysupported by a device with high floating-point operations per second(FLOPs) processor capability.

The network 205 may comprise a local area network (LAN), a personal areanetwork (PAN, an enterprise network, or any collection of devices incommunication with each other and with the ability to be controlled by asingle entity, for example.

The hypervisor 207 may comprise functionality similar to the hypervisor104 described with respect to FIG. 1, but abstracted, or distributed,over the network 205. In this manner, various functionalities of the VMs203A and 203B may be controlled while distributed over a plurality ofdevices, such as the devices 201A-201F. The hypervisor 207 may allocatehardware and software resources and also may enable data communicationbetween the VMs and hardware resources in the devices 201A-201F. Forexample, the hypervisor 207 may enable communication between the VMssupported by devices 201A-201 F. In another embodiment of the invention,the hypervisor 207 may control the overall operation of the VMs 203A and203B, controlling the flow of information between the various devicessupporting the VM, and may control the sub-hypervisors 209A and 209B inthe VMs 203A and 203B, respectively, essentially comprising a networkedhypervisor not tied to any one device.

The sub-hypervisors 209A and 209B may comprise suitable circuitry,logic, interfaces, and/or code that may be operable to controloperations within a particular VM, while under the control of thehypervisor 207. The sub-hypervisors 209A and 209B may controlsub-operations in the VMs 203A and 203B respectively. Thesub-hypervisors 209A and 209B may communicate load information ofnetwork devices, in which a particular VM may be located, back to thehypervisor 207. The sub-hypervisors 209A and 209B may comprise anoptional embodiment as a sub-set of the hypervisor 207 function perindividual networked VM, such that VM management may be optimized forperformance and reliability. The sub-hypervisor 209A and 209B maycomprise control and management of memory, I/O coherence, buffers,cache, VM process state save, network interface of VM, for example,while the hypervisor 209 may comprise control and management of deviceresources, and actions such as VM creation, VM state save, VM staterestoration, and VM deletion.

For the hypervisor 207 to be abstracted in the network 205, the devices201A-201F may be aware of communication of information to and fromprocessors in the devices 201A-201F as well as configurations of thevarious devices 205A-205F controlled by the hypervisor 207. One or moreof the devices 201A-201F may be utilized to create the hypervisor 207.Communicated information may comprise the state of a VM and network 205and device 201A-201 F resources used by the VMs. In this manner, loadbalancing may be configured, optimizing the performance of the VMs 203Aand 203B. For example, since the hypervisor 207 and the sub-hypervisors209A and 209B may be distributed over the network 205, they may benetwork-aware as opposed to just aware of resources in a single device.Thus, the VM parameters may be shared among the devices 201A-201F,enabling the dynamic prioritization and resource allocation of thenetworked devices.

In operation, the VMs 203A and 203B may be enabled to operate utilizinga plurality of the devices 201A-201F. For example, the virtual machine203A may be distributed over the devices 201A-201D, and the VM 203B maybe distribute over the devices 201C-201F. The devices 201A-201F may bewithin the network 205, and may share VM parameters so that specifiedfunctions within the VMs may be executed within a device with preferredperformance with respect to that function. For example, a device withhigh processor speed may be utilized for processor-intensive functionsof the VM, and storage-intensive operations may be executed on deviceslocal to the storage capacity to utilize a higher bandwidth connectionto the storage capacity.

The hypervisor 207 may control the overall distribution and/orconfiguration of the functionality of the VMs, and may perform loadbalancing, managing resources in devices across the network 205, therebyenabling scaling and optimization of performance dependent on availablenetwork resources, for example. The hypervisor 207 may enableconfiguration of multiple VMs across the network 205, which would not beenabled with a non-abstracted hypervisor. The hypervisor 207 may controlthe VMs 203A and 203B via the sub-hypervisors 209A and 209B within theVMs. The communication and available resource parameters may becommunicated to the VMs 203A and 203B via the hypervisor 207. Thesub-hypervisors 209A and 209B may communicate the compute load of aparticular VM to the hypervisor 207 so that it may configure resourcesto individual VMs based on the hypervisor 207 traffic awareness.Accordingly, because the VMs are distributed over networked resources,the VMs are scalable limited only by the resources available in thenetworked resources.

In an embodiment of the invention, a plurality of hypervisors, each withits own sub-hypervisor, may control the virtual machines.

FIG. 3 is a diagram illustrating exemplary threads in abstracted virtualmachines, in accordance with an embodiment of the invention. Referringto FIG. 3, there is shown the network 205, the devices 201A-201F, andthe hypervisor 207, which may be as described with respect to FIG. 2.There is also shown virtual machines 303A and 303B, which comprisethreads 301A-301D. The threads 301A-301D may comprise the suitablecircuitry, logic, and or code that may be operable to perform specificfunctions within the VMs. A VM may comprise a plurality of threads, suchas the threads 301A and 301 b in the VM 303A and the threads 301C and301D in the VM 303B, for example.

In operation, the threads 301A-301D may be operable to execute variousfunctions in the VMs 303A and 303B, and may be controlled by thehypervisor 207, which may be abstracted over the devices 201A-201F, forexample. The threads may also be distributed over a plurality ofdevices. For example, the thread 301D may be distributed over thedevices 201A-201E, and the thread 301A may be distributed over thedevices 201A-201C. In this manner, resources from different devices maybe utilized in a thread in a VM to optimize performance and to loadbalance. For example, if a function in a VM requires significantprocessing capability, a thread may be configured to reside partially ona device comprising suitable processor power. The configuration of thethreads 301A-301D may be dynamically controlled by the hypervisor 207,and may be adjusted based on changing network or resource utilizationconditions, for example. In another exemplary embodiment, energy usagemay be utilized for control of the VMs. For example, devices may beturned on/off to use more/less power based on VM computing demands fromthe networked hypervisor.

FIG. 4 is a block diagram illustrating exemplary steps for abstractedvirtual machines, in accordance with an embodiment of the invention.Referring to FIG. 4, in step 403 after start step 401, the hypervisor207 may configure VMs over the available networked devices. In step 405,the parameters established for the VMs may be shared amongst thenetworked devices, followed by step 407, where the VMs execute theirdesired functions. If, in step 409, the networked resources do notchange, the exemplary steps may proceed to step 411, but if resources orVM compute needs do change, the exemplary steps may return to step 403.

In step 411, if network resources are to be reconfigured, the processmay proceed to step 413 where the hypervisor may halt the VM, followedby step 415 where the hypervisor may reconfigure VMs on the networkeddevices based on the reconfigured networked resources. The hypervisor207 may re-configure VMs based on network traffic. For example, ininstances where the sub-hypervisor 209B detects VM 203B's networktraffic between device 201F and 201D to be high enough for the device201 D VM resources to be re-located to the device 201F, assuming VMresources are available in the device 201F, to optimize inter-devicecommunication within the VM 203B. In step 417, the hypervisor mayreadjust the parameters for the new configuration and then resume theVMs. The exemplary steps may then proceed to step 407. If, in step 411,the networked resources are not to be reconfigured, the exemplary stepsmay proceed to end step 419.

In an embodiment of the invention, a method and system are disclosed forabstracting virtual machines in a network. In this regard, one or moreprocessors and/or one or more circuits may be operable to configure oneor more virtual machines 203A, 203B, 303A, and 303B and a hypervisor 207for controlling the one or more virtual machines 203A, 203B, 303A, and303B. The one or more virtual machines 203A, 203B, 303A, and 303B andthe hypervisor 207 may be distributed across the plurality of networkdevices 201A-201F. A sub-hypervisor 209A and 209B may be configuredwithin each of the one or more virtual machines 203A, 203B, 303A, and303B utilizing the hypervisor 207. Load information of the networkeddevices 201A-201F may be communicated to the hypervisor 207 utilizingthe sub-hypervisors 209A and 209B. The one or more virtual machines203A, 203B, 303A, and 303B may comprise one or more threads 301A-301D.

The one or more virtual machines 203A, 203B, 303A, and 303B may be loadbalanced utilizing the hypervisor 207. The one or more virtual machines203A, 203B, 303A, and 303B may be dynamically configured utilizing thehypervisor 207 based on changes in the network devices 201A-201F, suchas network connectivity and application needs, for example, and may bescaled by the distribution of the one or more virtual machines 203A,203B, 303A, and 303B across the plurality of network devices 201A-201F.One or more of the one or more virtual machines 203A, 203B, 303A, and303B may comprise an operating system. The network devices 201A-201F maycomprise a plurality of: servers, switches, routers, racks, blades,mainframes, personal data assistants, smart phones, desktop computers,and/or laptop devices.

Another embodiment of the invention may provide a machine and/orcomputer readable storage and/or medium, having stored thereon, amachine code and/or a computer program having at least one code sectionexecutable by a machine and/or a computer, thereby causing the machineand/or computer to perform the steps as described herein for abstractingvirtual machines in a network.

Accordingly, aspects of the invention may be realized in hardware,software, firmware or a combination thereof. The invention may berealized in a centralized fashion in at least one computer system or ina distributed fashion where different elements are spread across severalinterconnected computer systems. Any kind of computer system or otherapparatus adapted for carrying out the methods described herein issuited. For example, a computer system that embodies a hypervisor andsub-hypervisors may reside in network switches/routers. A typicalcombination of hardware, software and firmware may be a general-purposecomputer system with a computer program that, when being loaded andexecuted, controls the computer system such that it carries out themethods described herein.

One embodiment of the present invention may be implemented as a boardlevel product, as a single chip, application specific integrated circuit(ASIC), or with varying levels integrated on a single chip with otherportions of the system as separate components. The degree of integrationof the system will primarily be determined by speed and costconsiderations. Because of the sophisticated nature of modernprocessors, it is possible to utilize a commercially availableprocessor, which may be implemented external to an ASIC implementationof the present system. Alternatively, if the processor is available asan ASIC core or logic block, then the commercially available processormay be implemented as part of an ASIC device with various functionsimplemented as firmware.

The present invention may also be embedded in a computer programproduct, which comprises all the features enabling the implementation ofthe methods described herein, and which when loaded in a computer systemis able to carry out these methods. Computer program in the presentcontext may mean, for example, any expression, in any language, code ornotation, of a set of instructions intended to cause a system having aninformation processing capability to perform a particular functioneither directly or after either or both of the following: a) conversionto another language, code or notation; b) reproduction in a differentmaterial form. However, other meanings of computer program within theunderstanding of those skilled in the art are also contemplated by thepresent invention.

While the invention has been described with reference to certainembodiments, it will be understood by those skilled in the art thatvarious changes may be made and equivalents may be substituted withoutdeparting from the scope of the present invention. In addition, manymodifications may be made to adapt a particular situation or material tothe teachings of the present invention without departing from its scope.Therefore, it is intended that the present invention not be limited tothe particular embodiments disclosed, but that the present inventionwill include all embodiments falling within the scope of the appendedclaims.

The methods, devices, and logic described above may be implemented inmany different ways in many different combinations of hardware, softwareor both hardware and software. For example, all or parts of the systemmay include circuitry in a controller, a microprocessor, or anapplication specific integrated circuit (ASIC), or may be implementedwith discrete logic or components, or a combination of other types ofanalog or digital circuitry, combined on a single integrated circuit ordistributed among multiple integrated circuits. All or part of the logicdescribed above may be implemented as instructions for execution by aprocessor, controller, or other processing device and may be stored in atangible or non-transitory machine-readable or computer-readable mediumsuch as flash memory, random access memory (RAM) or read only memory(ROM), erasable programmable read only memory (EPROM) or othermachine-readable medium such as a compact disc read only memory (CDROM),or magnetic or optical disk. Thus, a product, such as a computer programproduct, may include a storage medium and computer readable instructionsstored on the medium, which when executed in an endpoint, computersystem, or other device, cause the device to perform operationsaccording to any of the description above.

The processing capability of the system may be distributed amongmultiple system components, such as among multiple processors andmemories, optionally including multiple distributed processing systems.Parameters, databases, and other data structures may be separatelystored and managed, may be incorporated into a single memory ordatabase, may be logically and physically organized in many differentways, and may implemented in many ways, including data structures suchas linked lists, hash tables, or implicit storage mechanisms. Programsmay be parts (e.g., subroutines) of a single program, separate programs,distributed across several memories and processors, or implemented inmany different ways, such as in a library, such as a shared library(e.g., a dynamic link library (DLL)). The DLL, for example, may storecode that performs any of the system processing described above.

Various implementations have been specifically described. However, manyother implementations are also possible.

What is claimed is:
 1. A data processing system comprising: a plurality of network devices in data communication in a network; one or more virtual machines, each respective virtual machine being distributed across a respective subset of the plurality of network devices and configured for optimum performance using information regarding capabilities of respective network device of the plurality of network devices to support the each respective virtual machine; and a hypervisor distributed over a group of network devices of the plurality of network devices and configured to manage data communication between respective virtual machines of the plurality of virtual machines.
 2. The data processing system of claim 1 wherein the hypervisor is configured to allocate hardware and software resources of the plurality of network devices among the one or more virtual machines.
 3. The data processing system of claim 2 wherein the hypervisor is configured to share operational parameters of the respective virtual machines of the plurality of virtual machines to dynamically reallocate the hardware and software resources of the plurality of network devices among the one or more virtual machines.
 4. The data processing system of claim 1 wherein the hypervisor is configured to enable data communication between respective virtual machines of the one or more virtual machines and hardware resources of the plurality of network devices.
 5. The data processing system of claim 1 further comprising: a sub-hypervisor within each virtual machine of the plurality of virtual machines, the sub-hypervisor configured for data communication with the hypervisor to control one or more sub-processes implemented by the each virtual machine.
 6. The data processing system of claim 5 wherein the sub-hypervisor is distributed across more than one network device of the plurality of network devices.
 7. The data processing system of claim 1 wherein the hypervisor is configured to receive from the respective network devices of the plurality of network devices respective operating parameters of the respective network devices and further configured to control distribution of virtual machine processes of the one or more virtual machines among the plurality of network devices.
 8. The data processing system of claim 7 wherein the hypervisor is configured to balance a processing load for the virtual machine processes among the plurality of network devices using the received respective operating parameters of the respective network devices.
 9. The data processing system of claim 7 wherein the hypervisor is configured to optimize performance of respective virtual machine processes among the plurality of network devices using the received respective operating parameters of the respective network devices.
 10. The data processing system of claim 9 further comprising: a plurality of sub-hypervisors, each respective sub-hypervisor of the plurality of sub-hypervisors in data communication with the hypervisor and being associated with a respective virtual machine of the plurality of virtual machines, wherein the hypervisor is configured to communicate available resource parameters to a respective virtual machine of the plurality of virtual machines via a respective sub-hypervisor and the respective sub-hypervisor is configured to communicate a compute load of the respective virtual machine to the hypervisor.
 11. A data processing system comprising: a plurality of network devices in data communication in a network; one or more virtual machines, each respective virtual machine being distributed across a respective subset of the plurality of network device, each respective virtual machine comprising one or more threads operative to perform defined operational functions of the respective virtual machine; and a hypervisor distributed over a group of network devices of the plurality of network devices and configured to control the one or more threads or each respective virtual machines of the plurality of virtual machines.
 12. The data processing system of claim 11 wherein the hypervisor is configured to receive from the respective network devices of the plurality of network devices respective operating parameters of the respective network devices and further configured to control distribution of virtual machine processes of the one or more virtual machines among the plurality of network devices.
 13. The data processing system of claim 12 wherein respective threads of the one or more threads are functionally distributed over one or more subsets of the plurality of network devices.
 14. The data processing system of claim 13 wherein the hypervisor is configured to control distribution of the one or more threads over the one or more subsets of the network devices.
 15. The data processing system of claim 14 wherein the hypervisor is configured to dynamically vary configuration of the one or more threads over the one or more subsets of the network devices according to changing network utilization or network resource availability.
 16. The data processing system of claim 11 further comprising: a sub-hypervisor within each virtual machine of the plurality of virtual machines, the sub-hypervisor configured for data communication with the hypervisor to control one or more sub-processes implemented by the each virtual machine.
 17. A method comprising: at a plurality of network devices in data communication over a network, implementing a plurality of virtual machines, respective virtual machines of the plurality of virtual machines being distributed over respective subsets of network devices; and at the plurality of network devices, implementing a hypervisor in data communication with the respective virtual machines to control the plurality of virtual machines, including distributing respective portions of hypervisor code among the respective network devices, and allocating resources of the plurality of network devices among the plurality of virtual machines.
 18. The method of claim 17 wherein implementing a hypervisor further comprises: communicate operational parameters of the respective virtual machines of the plurality of virtual machines; dynamically reallocating hardware and software resources of the plurality of network devices among the one or more virtual machines in based on the communicated operational parameters.
 19. The method of claim 18 wherein implementing a hypervisor further comprises: optimizing performance of respective virtual machine processes among the plurality of network devices using the communicated operational parameters of the respective virtual machines.
 20. The method of claim 17 wherein implementing a hypervisor comprises: distributing, by the hypervisor, respective portions of a plurality of threads across respective subsets of the plurality of network devices according to functional capability of network devices of the respective subsets of the plurality of network devices and according to processing requirements of the plurality of threads. 